[Koha-bugs] [Bug 28998] Encrypt borrowers.secret
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Apr 21 18:47:58 CEST 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28998
--- Comment #39 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
OK, I spotted it..
I had dropped the config between first and second test.
So.. I think this highlights an issue.. we should probably try/catch to give a
better error than the 500 we currently throw on lack of configuration.. or
fallback to unencrypted secrets when the key is missing.. but that
re-introduces the security issue.
Might even be worth a script to quickly encrypt un-encrypted secrets at upgrade
if we don't get this pushed prior to release
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list